simple_admin_auth 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in simple_admin_auth.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Ralf Kistner
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,34 @@
+# SimpleAdminAuth
+
+Add simple admin authentication to any Rails application, using Google Apps for authentication.
+
+Authentication is done purely on the Google Apps domain - no user model is used.
+
+## Usage
+
+Add this line to your application's Gemfile:
+
+    gem 'simple_admin_auth'
+
+Create an initialiser configuring your domain:
+
+  Rails.application.config.middleware.use SimpleAdminAuth::Builder do
+    provider :google_apps, :domain => 'yourdomain.com', :name => 'admin'
+  end
+
+Protect any routes that require authentication:
+
+  constraints SimpleAdminAuth::Authenticate do
+    mount MongoRequestLogger::Viewer, :at => "/log"
+  end
+
+An user may be logged out by linking to `/auth/admin/logout`, or by clearing `session[:admin_user]`.
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/simple_admin_auth/application.rb

@@ -0,0 +1,75 @@
+require 'sinatra'
+
+module SimpleAdminAuth
+  class Application < Sinatra::Base
+    enable :inline_templates
+    set :raise_errors, true
+    set :show_exceptions, false
+
+    def self.get_or_post(path, opts={}, &block)
+      get(path, opts, &block)
+      post(path, opts, &block)
+    end
+
+    get_or_post '/auth/admin/callback' do
+      auth_hash = request.env['omniauth.auth']
+      puts auth_hash.inspect
+      session[:admin_user] = auth_hash['info']
+
+      return_url = session[:admin_login_return_url] || '/'
+      session[:admin_login_return_url] = nil
+      if admin?
+        redirect return_url
+      else
+        throw(:halt, [401, "Not authorized\n"])
+      end
+    end
+
+    get '/auth/admin/logout' do
+      return_to = params[:return_to] || '/'
+      session[:admin_user] = nil
+      redirect return_to
+    end
+
+    get '/auth/admin/login' do
+      erb :login
+    end
+
+    get '/auth/admin/bootstrap.css' do
+      send_file File.join(File.dirname(__FILE__), '../../static/css/bootstrap.min.css')
+    end
+
+    private
+
+
+    def admin?
+      !session[:admin_user].nil?
+    end
+  end
+end
+
+__END__
+
+@@ login
+<html>
+<head><title>Admin Login</title>
+  <link rel="stylesheet" href="http://localhost:3000/auth/admin/bootstrap.css" />
+  <style type="text/css">
+    body {
+      background-color: #F9F9F9;
+    }
+
+    #content {
+      text-align: center;
+      margin: 200px auto;
+    }
+  </style>
+</head>
+<body>
+<div id="content">
+  <p>You need to sign in to continue.</p>
+  <a class="btn btn-large" href="/auth/admin">Sign in via Google Apps</a>
+</div>
+
+</body>
+</html>

data/lib/simple_admin_auth/authenticated.rb

@@ -0,0 +1,26 @@
+module SimpleAdminAuth
+  def self.authenticate &block
+    constraints(Authenticate) do
+      yield
+    end
+  end
+
+  class Authenticate
+    def self.matches?(request)
+      if !request.session[:admin_user].nil?
+        true
+      else
+        request.session[:admin_login_return_url] = request.url
+        raise RedirectException.new('/auth/admin/login')
+      end
+
+    end
+  end
+
+
+  class Unauthenticated
+    def self.matches?(request)
+      !Authenticated.matches?(request)
+    end
+  end
+end

data/lib/simple_admin_auth/builder.rb

@@ -0,0 +1,15 @@
+require 'omniauth'
+require 'omniauth/builder'
+require 'omniauth/strategies/google_apps'
+require 'simple_admin_auth/application'
+
+module SimpleAdminAuth
+  class Builder < OmniAuth::Builder
+    def initialize(*args)
+      super(*args)
+
+      use SimpleAdminAuth::LoginRedirect
+      use SimpleAdminAuth::Application
+    end
+  end
+end

data/lib/simple_admin_auth/login_redirect.rb

@@ -0,0 +1,23 @@
+module SimpleAdminAuth
+  class LoginRedirect
+    def initialize(app, options={})
+      @app = app
+    end
+
+    def call(env)
+      begin
+        @app.call(env)
+      rescue RedirectException => e
+        [302, {"Location" => e.url}, ["Redirecting..."]]
+      end
+    end
+  end
+
+  class RedirectException < Exception
+    attr_reader :url
+
+    def initialize(url)
+      @url = url
+    end
+  end
+end

data/lib/simple_admin_auth/version.rb

@@ -0,0 +1,3 @@
+module SimpleAdminAuth
+  VERSION = "0.0.1"
+end

data/lib/simple_admin_auth.rb

@@ -0,0 +1,9 @@
+require 'simple_admin_auth/version'
+require 'simple_admin_auth/application'
+require 'simple_admin_auth/login_redirect'
+require 'simple_admin_auth/builder'
+require 'simple_admin_auth/authenticated'
+
+module SimpleAdminAuth
+
+end

data/simple_admin_auth.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'simple_admin_auth/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "simple_admin_auth"
+  gem.version       = SimpleAdminAuth::VERSION
+  gem.authors       = ["Ralf Kistner"]
+  gem.email         = ["ralf@embarkmobile.com"]
+  gem.description   = %q{Add simple admin authentication to any Rails application, using Google Apps for authentication.}
+  gem.summary       = %q{Simple admin authentication using Google Apps}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency 'omniauth'
+  gem.add_dependency 'omniauth-google-apps'
+  gem.add_dependency 'sinatra'
+end